diff --git a/.travis.yml b/.travis.yml index 25e8152..07a44c9 100644 --- a/.travis.yml +++ b/.travis.yml @@ -3,9 +3,11 @@ services: docker env: - distro: centos7 + - distro: ubuntu1804 - distro: ubuntu1604 - distro: ubuntu1404 - - distro: debian8 + - distro: debian9 + - distro: fedora27 script: # Configure test script so we can run extra tests after playbook is run. diff --git a/README.md b/README.md index c7e81da..8b0755f 100644 --- a/README.md +++ b/README.md @@ -17,16 +17,26 @@ Available variables are listed below, along with default values (see `defaults/m docker_package: "docker-{{ docker_edition }}" docker_package_state: present -The `docker_edition` should be either `ce` (Community Edition) or `ee` (Enterprise Edition). You can also specify a specific version of Docker to install using a format like `docker-{{ docker_edition }}-`. And you can control whether the package is installed, uninstalled, or at the latest version by setting `docker_package_state` to `present`, `absent`, or `latest`, respectively. +The `docker_edition` should be either `ce` (Community Edition) or `ee` (Enterprise Edition). You can also specify a specific version of Docker to install using the distribution-specific format: Red Hat/CentOS: `docker-{{ docker_edition }}-`; Debian/Ubuntu: `docker-{{ docker_edition }}=`. - docker_install_compose: true - docker_compose_version: "1.16.1" +You can control whether the package is installed, uninstalled, or at the latest version by setting `docker_package_state` to `present`, `absent`, or `latest`, respectively. Note that the Docker daemon will be automatically restarted if the Docker package is updated. This is a side effect of flushing all handlers (running any of the handlers that have been notified by this and any other role up to this point in the play). + + docker_service_state: started + docker_service_enabled: yes + docker_restart_handler_state: restarted + +Variables to control the state of the `docker` service, and whether it should start on boot. If you're installing Docker inside a Docker container without systemd or sysvinit, you should set these to `stopped` and set the enabled variable to `no`. + + docker_install_compose: True + docker_compose_version: "1.22.0" docker_compose_path: /usr/local/bin/docker-compose Docker Compose installation options. docker_apt_release_channel: stable - docker_apt_repository: "deb https://download.docker.com/linux/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} {{ docker_apt_release_channel }}" + docker_apt_arch: amd64 + docker_apt_repository: "deb [arch={{ docker_apt_arch }}] https://download.docker.com/linux/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} {{ docker_apt_release_channel }}" + docker_apt_ignore_key_error: True (Used only for Debian/Ubuntu.) You can switch the channel to `edge` if you want to use the Edge release. @@ -36,6 +46,12 @@ Docker Compose installation options. (Used only for RedHat/CentOS.) You can enable the Edge or Test repo by setting the respective vars to `1`. + docker_users: + - user1 + - user2 + +A list of system users to be added to the `docker` group (so they can use Docker on the server). + ## Use with Ansible (and `docker` Python library) Many users of this role wish to also use Ansible to then _build_ Docker images and manage Docker containers on the server where Docker is installed. In this case, you can easily add in the `docker` Python library using the `geerlingguy.pip` role: diff --git a/defaults/main.yml b/defaults/main.yml index 3573df1..c12e9e9 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -4,16 +4,26 @@ docker_edition: 'ce' docker_package: "docker-{{ docker_edition }}" docker_package_state: present +# Service options. +docker_service_state: started +docker_service_enabled: yes +docker_restart_handler_state: restarted + # Docker Compose options. -docker_install_compose: true -docker_compose_version: "1.16.1" +docker_install_compose: True +docker_compose_version: "1.22.0" docker_compose_path: /usr/local/bin/docker-compose # Used only for Debian/Ubuntu. Switch 'stable' to 'edge' if needed. docker_apt_release_channel: stable -docker_apt_repository: "deb https://download.docker.com/linux/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} {{ docker_apt_release_channel }}" +docker_apt_arch: amd64 +docker_apt_repository: "deb [arch={{ docker_apt_arch }}] https://download.docker.com/linux/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} {{ docker_apt_release_channel }}" +docker_apt_ignore_key_error: True -# Used only for RedHat/CentOS. -docker_yum_repo_url: https://download.docker.com/linux/centos/docker-{{ docker_edition }}.repo +# Used only for RedHat/CentOS/Fedora. +docker_yum_repo_url: https://download.docker.com/linux/{{ (ansible_distribution == "Fedora") | ternary("fedora","centos") }}/docker-{{ docker_edition }}.repo docker_yum_repo_enable_edge: 0 docker_yum_repo_enable_test: 0 + +# A list of users who will be added to the docker group. +docker_users: [] diff --git a/handlers/main.yml b/handlers/main.yml index 43016e0..7847bc1 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -1,3 +1,3 @@ --- - name: restart docker - service: name=docker state=restarted + service: "name=docker state={{ docker_restart_handler_state }}" diff --git a/meta/main.yml b/meta/main.yml index b975c01..939d881 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -6,12 +6,15 @@ galaxy_info: description: Docker for Linux. company: "Midwestern Mac, LLC" license: "license (BSD, MIT)" - min_ansible_version: 2.0 + min_ansible_version: 2.4 platforms: - name: EL versions: - 6 - 7 + - name: Fedora + versions: + - all - name: Debian versions: - jessie @@ -19,6 +22,7 @@ galaxy_info: versions: - trusty - xenial + - bionic galaxy_tags: - web - system diff --git a/tasks/docker-users.yml b/tasks/docker-users.yml new file mode 100644 index 0000000..afebd9a --- /dev/null +++ b/tasks/docker-users.yml @@ -0,0 +1,7 @@ +--- +- name: Ensure docker users are added to the docker group. + user: + name: "{{ item }}" + groups: docker + append: yes + with_items: "{{ docker_users }}" diff --git a/tasks/main.yml b/tasks/main.yml index 1b7acd4..e945329 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,12 +1,15 @@ --- -- include: setup-RedHat.yml +- include_tasks: setup-RedHat.yml when: ansible_os_family == 'RedHat' -- include: setup-Debian.yml +- include_tasks: setup-Debian.yml when: ansible_os_family == 'Debian' - name: Install Docker. - package: name={{ docker_package }} state={{ docker_package_state }} + package: + name: "{{ docker_package }}" + state: "{{ docker_package_state }}" + notify: restart docker - name: enable remote docker access block: @@ -42,8 +45,14 @@ - name: Ensure Docker is started and enabled at boot. service: name: docker - state: started - enabled: yes + state: "{{ docker_service_state }}" + enabled: "{{ docker_service_enabled }}" -- include: docker-compose.yml +- name: Ensure handlers are notified now to avoid firewall conflicts. + meta: flush_handlers + +- include_tasks: docker-compose.yml when: docker_install_compose + +- include_tasks: docker-users.yml + when: docker_users diff --git a/tasks/setup-Debian.yml b/tasks/setup-Debian.yml index d0be48d..312de84 100644 --- a/tasks/setup-Debian.yml +++ b/tasks/setup-Debian.yml @@ -7,13 +7,12 @@ - docker - docker-engine -- name: Ensure depdencies are installed. +- name: Ensure dependencies are installed. apt: - name: "{{ item }}" + name: + - apt-transport-https + - ca-certificates state: present - with_items: - - apt-transport-https - - ca-certificates - name: Add Docker apt key. apt_key: @@ -21,17 +20,17 @@ id: 9DC858229FC7DD38854AE2D88D81803C0EBFCD88 state: present register: add_repository_key - ignore_errors: true + ignore_errors: "{{ docker_apt_ignore_key_error }}" - name: Ensure curl is present (on older systems without SNI). package: name=curl state=present - when: add_repository_key|failed + when: add_repository_key is failed - name: Add Docker apt key (alternative for older systems without SNI). shell: "curl -sSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -" args: warn: no - when: add_repository_key|failed + when: add_repository_key is failed - name: Add Docker repository. apt_repository: